From fd755a7ff9de69802f04763570f69e4c3b68c08c Mon Sep 17 00:00:00 2001
From: Sean Harvey <sean@silverstripe.com>
Date: Mon, 24 Mar 2014 14:02:09 +1300
Subject: [PATCH] BUG ChangePasswordForm validation message should render HTML
 correctly.

HTML shows up in the form message escaped, but it shouldn't be.
---
 security/ChangePasswordForm.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/security/ChangePasswordForm.php b/security/ChangePasswordForm.php
index 4ed58fc5b..f4ae9fc06 100644
--- a/security/ChangePasswordForm.php
+++ b/security/ChangePasswordForm.php
@@ -131,7 +131,8 @@ class ChangePasswordForm extends Form {
 						"We couldn't accept that password: {password}",
 						array('password' => nl2br("\n".$isValid->starredList()))
 					), 
-					"bad"
+					"bad",
+					false
 				);
 
 				// redirect back to the form, instead of using redirectBack() which could send the user elsewhere.